Slashdot Mirror
VOIP Progress To Be Hobbled By Wiretap Costs?
vaporland writes "This article @ nytimes.com talks about the reasons that development of commercial VOIP may be stifled by the costs required to allow the federal government to listen in on conversations. It is the intention of the FBI, et al, to provide a truly unfunded mandate to force VOIP service providers to develop and provide this wiretap access to them at no cost to the U.S. government, which is to say, the consumer of VOIP will foot the bill for allowing the government to listen in on our phone calls. Perhaps they should just hire some script kiddies to show them how to do it on the cheap?"
Perhaps we should just all (i mean everyone) start using encryption everywhere and make the whole thing pointless just so they give up..
This comment does not represent the views or opinions of the user.
If I don't pay for the wiretapping costs, don't wiretap me.
Users of VOIP are taxpayers. At least this can be considered a use tax. If a citizen never uses VOIP should they pay for your wiretap? Just a thought.
The PGP Phone Project is dead now but it would be great of GPGP would revive it. The script kiddes would have a much tougher time cracking this and this is why the goverment is wanting a little help.
Yeah. Why don't they just use their own money instead of making us pay for it?
KFG
When did it become the duty of a government to spy on its own citizens and force them to pay for the privelege of being spied on?
This sig has been stolen. Return it to its original user for a reward.
While none of us would like to incur more fees, the simple fact that my Vonage bill is currently about $60.00 less per month then my Bell South bill, a small additional fee to cover this wouldn't be so bad. You can debate the pros and cons of whether or not VoIP wiretapping should even be done, but if it does, a small added fee to an already inexpensive service shouldn't be a problem.
My mom always said, "Jim, you're 1 in a million." Given the current population, there are 7000 of me. God help us all!
Public/private keys are great and all, but for organized crime it would work just as well to use a symmetric cipher and just share the keys. If the criminals are all working together, it shouldn't matter if they all know the key.
Anyway, it always rubs me the wrong way when the feds demand to have backdoor access to spy on us. It's bad enough they have the right to tap a phone at all, but now they're trying to make sure that ability is built into the software? No thanks--I'll use an offshore VOIP provider who doesn't have those nasty requirements.
Si la vida me da palo, yo la voy a soportar Si la vida me da palo, yo la voy a espabilar
Oh how interesting things would be if the likes of Vonage added "Federal Wiretap Fee" as a lineitem on the bill.
I bet some federal officials would get an earfull. If the general population will have to pay for this feature, they should at least know.
Soccer Goal Plans
What prevents me from writing my own VOIP software and using that? Will it need to be wiretap-emabled as well? What if I use SSH or PGP to secure and authenticate the connections?
Does the government really think that the terrorists are going to sign up for Vonage and not use Skype or their own small app?
I've never understood how the VOIP cos. expect to survive long-term. VOIP is just another TCP/IP protocol like ftp or smtp. The only reason a VOIP connection requires a third party provider is because most of the phone network is still POTS and so VOIP cos are essentially brokers between the POTS and the internet. But eventually, most calls will be peer-to-peer across the internet just like most other IP protocols and there will be no need for VOIP cos.
This makes the whole wiretap thing moot. The VOIP cos. won't survive anyway, so who cares if they die a little earlier because of some silly wiretap requirements?
FreeSpeech.org
Ummm, the consumer is going to have to foot the bill one way or another. If the Federal government chips in to pay for it, it's going to come from some form of tax, otherwise it's just going to be a higer bill from your VoIP provider.
-- Is it a right to remain ignorant? -- Calvin
Hey, I'm voting Badnarik in '04. ;)
Does it ever occur to anyone to wonder what the reaction of the founding fathers would have been to all this crap?
"Hey, how about we
(1) make sure the government can listen to folks' private conversations, and make 'em pay for the privelige?
(2) restrict political protest to 'free speech zones' where no-one can hear it?
(3) have armed government agents at all ports?
(4) make everyone carry ID documents if they want to travel, and arrange it so we can secretly scan them without the citizen even knowing?
(5) refuse to let someone travel if their name resembles the name of someone we have declared an enemy?
(6) etc etc etc"
Bottom line: do you think the framers would have
(a) enshrined the government's right to do this crap in the constitution, or
(b) enshrined the People's right not to suffer this crap in the constitution?
It baffles me why Americans are not rioting in the streets.
How are they going to force non-US VoIP companies to comply with this requirement? It isn't like there aren't already a variety of ways to communicate in a manner that thwarts government snooping, the fact that the old phone system made this relatively easy is no reason to cripple modern communication mechanisms.
With allies like Congress, who needs competition?
Put in idiotic, technically dubious and extremely expensive regulations, and watch as start-ups flounder. Meanwhile, watch foreign corporations refine their (simpler) systems and develop low-cost ways to deliver their service.
The US now has a choice to make: paranoia or progress.
Information: "I want to be anthropomorphized"
Which people? You mean the CIA/FBI? Did you vote to give them this power? Did you vote to elect the people who have access to this power? Did you even vote for the person that hired those people?
The beuracracy is thick. Who is in control? I certainly don't feel like I am.
Instead of trying to detect attacks, how about eliminating the reasons the terrorists have for attacking us in the first place? Everybody has a reason for doing something... find out what their reason is and eliminate it. I imagine their reason has nothing to do with being really evil and wanting to eliminate freedom, so don't even throw that one in the ring. Nobody is really evil, just greedy and motivated by their own self-interests.
You misspelled 'invasion of privacy'. I always thought 'innocent until proven guilty' was somewhat dominant idea of US justice system. Obviously I was wrong.
If you actually justify spying of people by the fact that some of them are (or may be) criminals you are stating, that all of them are guilty of a crime, until proven innocent.
.signature: Command not found
Oh my no, its much more expensive than you think.
Firstly, theres all the hackers using something called "Linux", the young Feds were trained on MS Windows, and then they have to rebuild their FBI hard coded network monitor to operate on a port other than 80.
Most of all, the retraining fees are needed because they are no longer using mice with balls, they have upgraded and now have mice with frikkin lazer beams attached to their underbelly.
I fail to see really how this can be implimented without actually allowing tapping the rest of the data stream, otherwise anybody could simply sign up to an offshore service using encryption and another port.
liqbase
Encryption is no more limited in France. More funny, GnuPG is one of the officially allowed softwares anyone can use!
May I add for t_allardyce that someone on Kuro5hin.org has been interrogated by some US agency (I don't remember which one) just by posting a message saying "it would be a good thing to kill the (US) president."
Okay, the current system is called CALEA. I believe it consists of a Sun board in a generic box racked out at every landline, wireless and many large hotel (Vegas) switches. If you google for it there were some Phrack articles and other hack scene publications on them. I believe each one has a t1 interface, so that is 24 voice channels it can listen to. Maybe it can only redirect 12, as 12 other channels are required for redirection.
So now Vonage and Packet8 would have to drop these on their switches, assuming they properly support the standards that the CALEA boxes use. They should have the advantage of easily providing this ability from a single point, I'd imagine their servers are all in a few locations.
The funny thing is, you could just get a VOIP endpoint from a provider in a different country and wala, no CALEA. No fuss. Alot of long distance fees, though.
The last job I worked at, supposidly our employer or a related agency listened in on the home telephone conversations of an employee. The rumor I heard was that an employee was under the scope for downloading hacker utilities (a utility that determines if a host is up by pinging it?). Supervisor heard, called employee at home from his cell phone, both got nabbed, the supervisor for tipping off the employee. This was at the Navy's NMCI project. This was the rumor going around, and I don't know who the people were.
When we were younger we found what we guess were illegal phone tapes while xxx-99xx scanning. Too funny.
There are also rumors that CALEA boxes are insecure, have been owned, are connected to the internet and are using public IPs. Another conspiracy theory says they were implemented by companies that are foreign owned and were being unknowingly used to listen in on the president and led to premature release of the Monica Lewinsky audio to reporters. That is all conspiracy theory, search around. You never know, the gov't does some pretty dumb things sometime.
There is a good article in Business 2.0 about drug cartels using the data from phone switches to track federal agents and their people, by cross referencing phone numbers. They used an AS/400.
And in case you didn't know, you can listen to a Popeye's chicken drive thru in Southeastern Virginia live... open http://audio12.hrconnect.com:8000/popeyes.m3u in any mp3 player that supports internet streams/m3u playlists. Enjoy! Don't forget, EST time.
Southeastern Virginia REPRESENT!
I was a software engineer on Nortel Network's VoIP "succession" line of products, and I can attest that wiretapping ability is something that was required for us to add.
The issue is with conversations now being transmitted in packets as opposed to analog signals, its impossible to tap the wire conventionally. The only place you could do that is from where the signal is converted back to POTS (plain old telephone service) to the house. Which, in a perfect VoIP world, isn't going to even be an option as people are using things like cable modems as their VoIP gateways (so its digital all the way from the house).
However, I don't think this "feature" hobbled our progress. It was just another feature in an extremely long list of features that were necessary. I don't think it took the engineer more than a week to implement, but possibly its more difficult in different architectures? (A key to Nortels architecture was being able to seemlessly integrate with POTS service, so digital->analog conversion was basically a built-in).
Now, whether I agree with the "feature" or not is a different story, but I won't go into that....
on that day i'll take the terrorists' side and suggest they go target the white-house instead of innocent people who are helpless to do anything.
Your comment and profile as been added to the database thanks for helping us make this country more secure. From now on please call in advance your lawyer and prepare yourself for a full orifice search if you plan to take the plane, the bus or ride a bicycle on the street cause it will be hell to you.
--Your government agencies
Yahh, hiii haaaaa! -Major Kong, from Dr. Strangelove
So basically what I'm saying is that VoIP wiretapping regulations seem to be pointless. They can't prevent individuals from encrypting their own traffic when making direct connections to eachother anymore than they can prevent people from using SSH or HTTPS. And the only time 3rd party VoIP providers (who can be regulated) are even needed is when gatewaying to the PSTN, which can be tapped anyway.
http://blog.nexusuk.org
...quit trying to force the use of technological solutions. I'd rather require them to physically place a bug in my cell phone (or PC mic) than require all of this accursed intrusion and cost.
Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
Nope, it was not the same government. The OKC bombing was during the Clinton Administration, the Afghan and Iraq wars took place under Bush.
As for the OKC bombing, the debris field looked exactly the way you would expect it to when you place a very, very large truck full of explosives in front of a building. There was a large roughly circular hole in the building with the plack McVeigh's truck was parked at dead center. The far wall stood up to the blast so you would expect the shock wave to bounce off the wall and push debris back out again.
Bush lied about the weather balloons sure, or to be strictly accurate he got Powell to lie for him, just like he has these swift boat perjurers to lie for him. We know what sort of character the man has, he smeared McCain, he smeared McClellan, he is smearing Kerry. But the truth of one conspiracy theory does not make all conspiracy theories true.
As to the phone taps, I have always assumed the government taps, opens mail, plants evidence, hides real evidence, etc, as much as they want to, and warrants and laws be damned.
Which is why procedures to make cryptographic assurance of data integrity are so important. Why do you think that PKI companies are involved in placing the taps? It is so that there a cast iron chain of evidence is possible.
Its bad when O.J. gets away with murdering his wife and a waiter. It is worse when people go to jail for the rest of their life or are executed for crimes they never committed. Having assurance that the evidence is sound is a good thing.
As far as terrorism goes, that is not the main area where wiretaps are useful, never has been. Several terrorist groups have come to grief when they used faulty codes. But even the best transport encryption does not conceal the most useful information - traffic analysis. Knowing who Mohamed Atta called in the six months prior to 9/11 was very useful.
What Al Qaeda are doing today is using pay as you go chips in cheap mobile phones. They discard these regularly, but not regularly enough. The whole 9/11 plot was done using a bizare mixture of sophistication and sloppiness. If as Clarke had urged W had put the country on full terrorism alert instead of going on vacation to cut brush there was a good chance of being lucky.
That is why Al Qaeda have been so quiet of late. They never did have many people and they lost a significant number in the 9/11 attack. They have also had defections after Bin Laden was heard joking about how some of the hijackers did not know it was a suicide mission.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Are you trying to say the government should never be allowed to eavesdrop on criminal communications even with a warrant?! I can't distinguish between that and anarchy. Can somebody please help me?